What are the types of firewalls?

There are software and hardware firewalls. Each format serves a different but important purpose. A hardware firewall is a physical device, like a broadband router, placed between your network and gateway. A software firewall is internal: a program on your computer that filters traffic by port number and application.

There also are cloud-based firewalls, known as Firewall as a Service (FaaS). One benefit of cloud-based firewalls is that they can grow with your organization and, similar to hardware firewalls, do well with perimeter security.

There are several different types of firewalls based on their structure and functionality. Here are the various firewalls you can implement, depending on the size of your network and the level of security you need.

Packet-filtering firewalls

A packet-filtering firewall is a management program that can block network traffic based on IP protocol, IP address, and port number. This type of firewall is the most basic form of protection and is meant for smaller networks.

But beware. While packet-filtering firewalls can be helpful, they also have limitations. Because all web traffic is allowed, a packet-filtering firewall doesn’t block web-based attacks. So, you need additional protection to distinguish between friendly and malicious web traffic.

Proxy service firewalls

The proxy service firewall is a system that can help protect your network security by filtering messages at the application layer. It essentially serves as a gateway or middleman between your internal network and outside servers on the web. Also known as a gateway firewall, it is more secure in its use of stateful and deep packet inspection technology to analyze incoming traffic.

Stateful multi-layer inspection (SMLI) firewalls

The stateful multi-layer inspection firewall has standard firewall capabilities and keeps track of established connections. It filters traffic based on state, port, and protocol, along with administrator-defined rules and context. This involves using data from prior connections and packets from the same connection.

Most firewalls rely on stateful packet inspection to keep track of all internal traffic. This firewall is a step above packet-filtering in its use of multi-layer monitoring.

However, it is still unable to distinguish between good and bad web traffic, so you may need additional software.
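The following added example (not part of the original article) contrasts the packet-filtering and stateful approaches described above: the stateless filter judges each packet alone, while the stateful firewall accepts inbound traffic only as a reply to a tracked connection. The addresses, ports, rule and all names are constructed, and connection tracking is reduced to a set of 5-tuples with no TCP state or timeouts.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Packet:
    proto: str
    src: str
    sport: int
    dst: str
    dport: int

INTERNAL = ip_network("192.168.1.0/24")   # constructed private network

# Stateless rule (constructed): protocol, allowed source network, source port.
# Admitting web replies statelessly means trusting anything sent from port 443.
STATELESS_RULES = [("tcp", ip_network("0.0.0.0/0"), 443)]

def packet_filter(pkt: Packet) -> bool:
    """Judge one packet in isolation on protocol, IP address and port."""
    return any(pkt.proto == proto and ip_address(pkt.src) in net and pkt.sport == port
               for proto, net, port in STATELESS_RULES)

class StatefulFirewall:
    """Remember flows opened from inside; accept inbound only as their replies."""
    def __init__(self):
        self.connections = set()

    def check(self, pkt: Packet) -> bool:
        if ip_address(pkt.src) in INTERNAL:
            # Outbound: record the 5-tuple so the reply can be recognised later.
            self.connections.add((pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return True
        # Inbound: must be the exact reverse of a recorded outbound flow.
        return (pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.connections

def demo():
    fw = StatefulFirewall()
    request = Packet("tcp", "192.168.1.10", 51000, "203.0.113.5", 443)
    reply = Packet("tcp", "203.0.113.5", 443, "192.168.1.10", 51000)
    unsolicited = Packet("tcp", "198.51.100.7", 443, "192.168.1.10", 51000)
    fw.check(request)  # the internal host opens the connection first
    return {
        "stateless": (packet_filter(reply), packet_filter(unsolicited)),
        "stateful": (fw.check(reply), fw.check(unsolicited)),
    }

if __name__ == "__main__":
    print(demo())
```

The stateless filter returns the same verdict for the genuine reply and the unsolicited packet because both match the rule; only the connection table tells them apart.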

Unified threat management (UTM) firewalls

A unified threat management firewall is a program that combines the functions of the SMLI firewall with intrusion prevention and antivirus. Additional services like cloud management may be included under the UTM umbrella of services.

Next-generation firewalls (NGFW)

Next-generation firewalls are more sophisticated than packet-filtering and stateful inspection firewalls. Why? They have more levels of security, going beyond standard packet-filtering to inspect a packet in its entirety. That means inspecting not just the packet header, but also a packet’s contents and source. NGFWs are able to block more sophisticated and evolving security threats like advanced malware.

Network address translation (NAT) firewalls

A NAT firewall is able to assess internet traffic and block unsolicited communications. In other words, it only accepts inbound web traffic if a device on your private network solicited it.

Virtual firewalls

A virtual firewall is an appliance used in a cloud-based system, both private and public. This type of firewall is used to assess and manage internet traffic over both physical and virtual networks.

Host-based firewalls versus network-based firewalls

There are differences between host-based and network-based firewalls, along with benefits of having both in place.

Network firewalls filter traffic going to and from the internet to secured local area networks (LANs). They typically are used by businesses that need to protect a large network of computers, servers, and employees. A network-based firewall is able to monitor communications between a company’s computers and outside sources, as well as restrict certain websites, IP addresses, or other services.

Host-based firewalls work similarly but are installed locally on a single computer or device. A host-based firewall is a software application or a suite of applications that allows for more customization. Host-based firewalls are installed on each server, control incoming and outgoing traffic, decide whether to allow traffic to individual devices, and protect the host.